<!doctype html>
<html>
<head>
    <meta charset="UTF-8">
    <title>我的通讯录</title>
    <style>
        h1{ color:red;}
        .errMsg{
            color: red;
            font-weight: bold;
        }
    </style>
</head>
<body><?php
session_status();
$u=$_SESSION['user'];//当前登录的用户
if (!$u){
    header('location:index.php');
    return;
}
if(isset($_GET['xh'])){
    try{
        $xh = $_GET['xh'];
        if ($xh===$u['xh']){
            $db=new PDo('mysql:host=localhost;dbname=db','root','12qwas');
            $ps=$db->prepare("delete from students where xh=?");
            $ps->execute(array($xh));
            header('location:index.php');
            return;
        }else{
            throw new Exception('您无删除/修改他人信息的权限');
        }

    }catch(Throwable $e){
        $errMsg=$e->getMessage();
    }
}
?>
<h1>删除用户</h1>
<div class="errMsg"><?=htmlentities($errMsg)?></div>
</body>
</html>